As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
In a large computer system, maintaining information security is a difficult task as, in many cases, a security system may have difficulties distinguishing legitimate activities from the unauthorized access of data. Currently, a risk associated with a user account may be determined by looking at the resources to which the user account has access, groups to which the user account belongs, and resources which the user account owns. However, highly privileged user accounts, e.g., user account with full access privileges to many resources in a computing system, have high privilege levels to enable the user accounts to perform legitimate actions. Thus, a determination of risk based on the resources to which a user account has access, groups to which the user account belongs, and resources which the user account owns may not accurately identify the risk associated with the user account.